<?php
/**
 * Created by PhpStorm.
 * User: Administrator
 * Date: 2021/12/8
 * Time: 15:32
 */


$username = $_POST['username'];
$oldPsd = $_POST['oldPsd'];
$newPsd = $_POST['newPsd'];


$key = $_COOKIE["userkey"];
session_start();
if(!isset($_SESSION[$key])) {
    echo "你尚未登入，<a href='/login.php'>请登入</a>";
    die;
}else{

    if ($key==md5($username.$oldPsd)){
        if ($newPsd==$oldPsd){
            exit("旧密码与新密码不可相同！");
        }
        $key = md5($username.$newPsd);
        setcookie("userkey",$key,time()+24*3600,'/');
        $_SESSION[$key]=[
            'username'=>$username,
            'psd'=>$newPsd
        ];
        echo "<h1>修改成功</h1>";
    }else{
        echo "旧密码或用户名输入错误！";
    }
}


